<?php session_start(); // Must run before any output: userManager::login() stores the authenticated user's ID in $_SESSION['userID'].

require_once "opendb.php";
require_once "user.php";
require_once 'settingManager.php';
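/**
 * Data-access helpers for the `users` and `settings` tables: lookup,
 * registration (local and OAuth/Twitter), profile update and login.
 *
 * Security notes for maintainers:
 *  - Every value interpolated into SQL in this class is first passed through
 *    mysql_real_escape_string() AND wrapped in single quotes. Escaping alone
 *    does not protect a value that is placed into the statement unquoted.
 *  - The legacy mysql_* extension was removed in PHP 7. Prepared statements
 *    (PDO or mysqli) are the durable fix, but that also requires changing the
 *    connection set up outside this class (presumably in opendb.php).
 *  - The password scheme (crypt() over md5()) is kept only so existing stored
 *    hashes keep verifying. It is weak; plan a migration to password_hash() /
 *    password_verify() with rehash-on-login.
 */
class userManager
{
    /**
     * Escapes a value for use inside a single-quoted SQL string literal.
     *
     * @param mixed $value Value to embed; cast to string first.
     * @return string Escaped string, safe only when wrapped in quotes.
     */
    private static function esc($value)
    {
        return mysql_real_escape_string((string) $value);
    }

    /**
     * Runs a query and terminates the request if it fails.
     *
     * The database error text is written to the server log rather than sent
     * to the client, because raw SQL errors disclose schema details.
     *
     * @param string $sql Complete SQL statement.
     * @return mixed Whatever mysql_query() returned on success.
     */
    private static function queryOrDie($sql)
    {
        $result = mysql_query($sql);
        if ($result === false) {
            error_log('userManager: query failed: ' . mysql_error());
            die('A database error occurred. Please try again later.');
        }
        return $result;
    }

    /**
     * Derives the stored password value exactly as login() has always done.
     *
     * Both inputs are escaped BEFORE hashing. That is unnecessary for safety,
     * but changing it would alter the hash for any credential containing an
     * escaped character, so it is preserved for compatibility.
     *
     * @param string $username Raw username.
     * @param string $password Raw password.
     * @return string crypt() output used for comparison and storage.
     */
    private static function hashPassword($username, $password)
    {
        return crypt(md5(self::esc($password)), md5(self::esc($username)));
    }

    /**
     * Shared implementation of registerUser() and registerTwitter().
     *
     * @param User   $user  Account data to store.
     * @param string $idSql SQL fragment for the first (ID) column: either the
     *                      keyword NULL or an already quoted and escaped literal.
     * @return int 1 when both the user row and its settings row were created,
     *             0 when the username is taken or a follow-up step failed.
     */
    private static function createAccount(User $user, $idSql)
    {
        $userName = self::esc($user->getUsername());

        // NOTE(review): check-then-insert is racy under concurrent sign-ups;
        // a UNIQUE index on users.username would close that gap - confirm schema.
        $existing = self::queryOrDie("SELECT ID FROM users WHERE username='$userName'");
        if (mysql_num_rows($existing) > 0) {
            echo "That username has been taken. Please choose another.";
            return 0;
        }

        $firstName = self::esc($user->getFirstName());
        $birthday = self::esc($user->getBirthday());
        $email = self::esc($user->getEmail());
        // Stored exactly as supplied by the User object.
        // NOTE(review): presumably already hashed by the caller - confirm.
        $password = self::esc($user->getPassword());
        $sex = self::esc($user->getSex());
        $lastName = self::esc($user->getLastName());
        $phone = self::esc($user->getPhone());
        $address = self::esc($user->getAddress());
        $college = self::esc($user->getCollege());
        $oauthProvider = self::esc($user->getOath_provider());
        $oauthToken = self::esc($user->getOath_token());
        $oauthSecret = self::esc($user->getOath_secret());

        // Positional VALUES list: the column order must match the table definition.
        self::queryOrDie("INSERT INTO users VALUES ($idSql, '$firstName',
                    '$birthday', '$email', '$userName', '$password', '$sex',
                    '$lastName', '$phone', '$address', '$college', '$oauthProvider', '$oauthToken', '$oauthSecret')");

        // Read the new row's ID back so the default settings row can reference it.
        $lookup = mysql_query("SELECT ID FROM users WHERE username = '$userName' LIMIT 1");
        $row = $lookup ? mysql_fetch_array($lookup) : false;
        if (!$row) {
            error_log('userManager: could not read back ID of newly created user');
            return 0;
        }

        $userID = self::esc($row['ID']);
        $settings = mysql_query("INSERT INTO settings VALUES ('$userID', '1', '1', '1', '1', '0', '0', '0', '1', '1')");
        if (!$settings) {
            // The user row exists at this point but has no settings row.
            error_log('userManager: settings insert failed: ' . mysql_error());
            return 0;
        }

        echo "Your account has successfully been created!";
        return 1;
    }

    /**
     * Loads a user by primary key.
     *
     * @param mixed $userID Value matched against users.ID.
     * @return User|null Populated User, or null when no row matches.
     */
    public static function getUser($userID)
    {
        $userID = self::esc($userID);
        $select = self::queryOrDie("SELECT * FROM users WHERE ID='$userID'");
        if (mysql_num_rows($select) < 1) {
            return null;
        }

        $userInfo = mysql_fetch_array($select);
        $user = new User();
        $user->setFName($userInfo['firstName']);
        $user->setLName($userInfo['lastName']);
        $user->setAddress($userInfo['address']);
        $user->setPhone($userInfo['phone']);
        $user->setCollege($userInfo['school']);
        $user->setEmail($userInfo['email']);
        $user->setUsername($userInfo['username']);
        $user->setBirthday($userInfo['birthdate']);
        return $user;
    }

    /**
     * Registers a local account; the ID column is inserted as NULL.
     *
     * Echoes a status message for the user.
     *
     * @param User $user Account data to store.
     * @return int 1 on success, 0 when the username is taken or a step failed.
     */
    public static function registerUser(User $user)
    {
        return self::createAccount($user, 'NULL');
    }

    /**
     * Registers an OAuth (Twitter) account, using the OAuth id as users.ID.
     *
     * Echoes a status message for the user.
     *
     * @param User $user Account data to store, including the OAuth fields.
     * @return int 1 on success, 0 when the username is taken or a step failed.
     */
    public static function registerTwitter(User $user)
    {
        // The provider-supplied id is untrusted input: escape and quote it.
        $idSql = "'" . self::esc($user->getOath_id()) . "'";
        return self::createAccount($user, $idSql);
    }

    /**
     * Updates the profile row identified by $user->getID() and echoes the outcome.
     *
     * NOTE(review): nothing here checks that the ID belongs to the logged-in
     * user; the caller must enforce that (e.g. against $_SESSION['userID']).
     *
     * @param User $user New profile values; getID() selects the row.
     * @return void
     */
    public function editUser(User $user)
    {
        // Escape each field individually; escaping the User object itself
        // would replace it with a string and break every getter call below.
        $id = self::esc($user->getID());
        $firstName = self::esc($user->getFirstName());
        $birthday = self::esc($user->getBirthday());
        $email = self::esc($user->getEmail());
        $sex = self::esc($user->getSex());
        $lastName = self::esc($user->getLastName());
        $phone = self::esc($user->getPhone());
        $address = self::esc($user->getAddress());
        $college = self::esc($user->getCollege());

        // Hash in PHP with the same scheme login() verifies against; the old
        // statement stored the literal text "MD5(...)" in the password column.
        // NOTE(review): assumes getPassword() returns the plaintext password
        // here - confirm, otherwise the value would be hashed twice.
        $passwordHash = self::esc(self::hashPassword($user->getUsername(), $user->getPassword()));

        // Key column is ID, matching every other query in this class.
        $update = mysql_query("UPDATE users SET firstName = '$firstName',
                birthdate = '$birthday', email = '$email', password = '$passwordHash',
                sex = '$sex', lastName = '$lastName', phone = '$phone', address = '$address', school = '$college' WHERE ID = '$id' LIMIT 1");
        if ($update === false) {
            error_log('userManager: profile update failed: ' . mysql_error());
        }

        // An UPDATE that changes no column values reports 0 affected rows and
        // is therefore shown as a failure, as before.
        $num = ($update === false) ? -1 : mysql_affected_rows();
        if ($num == 1) {
            echo "The user has been successfully updated.";
        } else {
            echo "The user has not been successfully updated.";
        }
    }

    /**
     * Verifies credentials, stores the user's ID in the session and redirects.
     *
     * @param string $username Submitted username.
     * @param string $password Submitted password.
     * @return int 1 when the credentials match (a Location header is sent),
     *             0 otherwise (an error message is echoed).
     */
    public static function login($username, $password)
    {
        $encryptPass = self::esc(self::hashPassword($username, $password));
        $username = self::esc($username);
        $select = self::queryOrDie("SELECT * FROM users WHERE username='$username' AND password='$encryptPass'");

        if (mysql_num_rows($select) > 0) {
            $userInfo = mysql_fetch_array($select);
            // Issue a fresh session ID at the privilege change so an ID that
            // was known before authentication cannot be reused afterwards.
            session_regenerate_id(true);
            $_SESSION['userID'] = $userInfo['ID'];
            header('Location: /dcsp-portal-project/index.php');
            return 1;
        }

        echo "You have entered an incorrect username or password combination. Please try again.<br>";
        return 0;
    }
}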


?>
